﻿/********************************************************************************
    Copyright (C) Binod Nepal, Planet Earth Solutions Pvt. Ltd., Kathmandu.
	Released under the terms of the GNU General Public License, GPL, 
	as published by the Free Software Foundation, either version 3 
	of the License, or (at your option) any later version.
    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  
    See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
***********************************************************************************/

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

namespace MixNP.Web.Classifieds
{
    public partial class ChangePassword : MixNP.BusinessLayer.BaseClass
    {
        protected override void OnInit(EventArgs e)
        {
            this.RequiresLogin = true;
            base.OnInit(e);
        }

        protected void Page_Load(object sender, EventArgs e)
        {

        }

        protected void ChangePasswordButton_Click(object sender, EventArgs e)
        {
            if (!PasswordTextBox.Text.Equals(ConfirmPasswordTextBox.Text))
            {
                ErrorLiteral.Text = "Sorry, your password was not changed because the confirmation password does not match with the new password you entered.";
                return;
            }

            string emailAddress = User.Identity.Name;

            string newSalt = Guid.NewGuid().ToString();
            string salt = MixNP.BusinessLayer.Users.GetSaltFromEmailAddress(emailAddress);

            string password = CurrentPasswordTextBox.Text;
            string hashedPasword = Pes.Utility.Conversion.HashSha512(password, salt);
            string saltedPassword = Pes.Utility.Conversion.HashSha512(hashedPasword, newSalt);

            if (!MixNP.BusinessLayer.Users.AuthenticatePassword(emailAddress, saltedPassword, newSalt))
            {
                ErrorLiteral.Text = "Sorry, your password was not changed because the current password you entered is incorrect.";
                return;
            }

            string newPassword = ConfirmPasswordTextBox.Text;
            string newPasswordSalt = Guid.NewGuid().ToString();
            string newHashedPassword = Pes.Utility.Conversion.HashSha512(newPassword, newPasswordSalt);

            if (MixNP.BusinessLayer.Users.ChangePassword(emailAddress, newHashedPassword, newPasswordSalt))
            {
                ChangePasswordPanel.Visible = false;
                SuccessLiteral.Text = "<h2>Your password was changed successfully.</h2>";
                System.Web.Security.FormsAuthentication.SignOut();
                Response.Redirect("~/sign-in.mix", true);
            }
        }
    }
}